const { userCollection } = require("../../common/constants");
const { ERROR } = require("../../common/error");
const PasswordUtils = require("../../lib/utils/password");
/**
 * Change the password of the currently authenticated user.
 *
 * Flow: validate the parameters, load the user record for `this.authInfo.uid`,
 * verify the supplied old password against that record, hash the new password,
 * then store the new hash together with a fresh `valid_token_date`.
 *
 * Must be invoked with the uni-id-co instance as `this`; it reads
 * `this.middleware`, `this.authInfo`, `this.config` and
 * `this.getUniversalClientInfo()`.
 *
 * @tutorial https://uniapp.dcloud.net.cn/uniCloud/uni-id-pages.html#update-pwd
 * @param {object} params
 * @param {string} params.oldPassword The current password
 * @param {string} params.newPassword The new password
 * @returns {object} `{ errCode: 0 }` on success
 * @throws {{errCode: *}} `ERROR.ACCOUNT_NOT_EXISTS` when no user record is found,
 *   `ERROR.PASSWORD_ERROR` when the old password does not verify
 */
module.exports = async function (params = {}) {
  // The old password is only type-checked as a plain string: if the password
  // rule has been tightened since it was set, a user whose existing password
  // no longer satisfies the rule must still be able to change it.
  // The new password is validated against the "password" rule.
  const rules = {
    oldPassword: "string",
    newPassword: "password",
  };
  this.middleware.validate(params, rules);

  // The target account comes from the authenticated session, never from params.
  const { uid } = this.authInfo;
  const lookup = await userCollection.doc(uid).get();
  const account = lookup.data[0];
  if (!account) {
    throw { errCode: ERROR.ACCOUNT_NOT_EXISTS };
  }

  const { oldPassword: currentPassword, newPassword: nextPassword } = params;
  const passwordUtils = new PasswordUtils({
    userRecord: account,
    clientInfo: this.getUniversalClientInfo(),
    passwordSecret: this.config.passwordSecret,
  });

  // Re-authenticate with the old password before allowing the change.
  // autoRefresh is switched off here; presumably because the stored hash is
  // replaced a few lines below anyway (confirm against PasswordUtils).
  // NOTE(review): this handler does not itself count or throttle failed
  // old-password checks; confirm that is enforced elsewhere.
  const verification = passwordUtils.checkUserPassword({
    password: currentPassword,
    autoRefresh: false,
  });
  if (!verification.success) {
    throw { errCode: ERROR.PASSWORD_ERROR };
  }

  const { passwordHash: nextHash, version: secretVersion } =
    passwordUtils.generatePasswordHash({
      password: nextPassword,
    });

  await userCollection.doc(uid).update({
    password: nextHash,
    password_secret_version: secretVersion,
    // Checked during refreshToken: a token created before this instant is
    // refused a replacement and the token-invalid error code is returned.
    valid_token_date: Date.now(),
  });

  // After a password change the client should log the user out and have
  // them sign in again.
  return { errCode: 0 };
};
